I have a tool that replays traffic from a .pcap file and another tool that interprets that traffic. For testing purposes, I need to play traffic out one interface and have it come in another. Obviously I could simply attach a crossover cable between two of my NICs, but surely there's a better way I could do this from within Linux? I've tried using a loopback interface (play traffic out lo, interpret traffic from lo) but it didn't work.
Is there a way that I could create virtual interfaces, and then bridge the two virtual interfaces? Ideally I would be able to play traffic out 'virt-eth1' and have my other tool listening on 'virt-eth2'. When the traffic is sent to virt-eth1, it should be bridged and come in on virt-eth2. What happens from there is of no consequence.
Best Answer
I think what you are needing to use here are TUN/TAP interfaces. Install tunctl (package for CentOS) and then you can start creating virtual network interfaces:
More info here: http://backreference.org/2010/03/26/tuntap-interface-tutorial/
As I recall, when using the loopback interface, that doesn't work properly with PCAP libraries because it's not actually a "real" interface (or certainly not seen as a real one by the system). It doesn't even have a MAC address if you run ifconfig on it. But, TUN/TAP interfaces do, and for the purpose of what you're trying to do, it may just be the solution you're looking for (no creating extra virtual machines etc required).
I also suspect you'll be able to accomplish your task with just one tap interface (no bridging between 2 required). Simply have your first process bind onto the virtual interface and write the traffic, then have the secondary one bind onto it, reading the traffic.